GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,990
Composer 4,293
Erlang 31
GitHub Actions 21
Go 2,061
Maven 5,239
npm 3,744
NuGet 668
pip 3,423
Pub 12
RubyGems 892
Rust 875
Swift 36

Unreviewed advisories

All unreviewed 239,556

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

240 advisories

Filter by severity

Sort by

Least recently updated

An XML External Entity Injection (XXE) vulnerability in the Management System (console) of... Moderate Unreviewed

CVE-2019-8997 was published May 14, 2022

SLD Registration in SAP HANA (fixed in versions 1.0, 2.0) does not sufficiently validate an XML... Moderate Unreviewed

CVE-2019-0284 was published May 14, 2022

The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.12 allows remote attackers to read... Moderate Unreviewed

CVE-2013-1824 was published May 14, 2022

The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP1, Windows Server 2008 SP2... Moderate Unreviewed

CVE-2017-8710 was published May 13, 2022

An XML External Entity vulnerability in the web-based user interface of the Cisco Secure Access... Moderate Unreviewed

CVE-2017-3839 was published May 13, 2022

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products ... Moderate Unreviewed

CVE-2017-3548 was published May 13, 2022

Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote... Moderate Unreviewed

CVE-2015-2125 was published May 13, 2022

The ifmap service that comes bundled with Contrail has an XML External Entity (XXE) vulnerability... Moderate Unreviewed

CVE-2017-10617 was published May 13, 2022

A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow... Moderate Unreviewed

CVE-2018-0100 was published May 13, 2022

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to... Moderate Unreviewed

CVE-2018-0108 was published May 13, 2022

A vulnerability in the web-based UI of Cisco Secure Access Control Server could allow an... Moderate Unreviewed

CVE-2018-0414 was published May 13, 2022

In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and prior and PI Studio versions 4.2... Moderate Unreviewed

CVE-2018-17889 was published May 13, 2022

IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13,... Moderate Unreviewed

CVE-2018-1801 was published May 13, 2022

The TIBCO Designer component of TIBCO Software Inc.'s TIBCO Runtime Agent, and TIBCO Runtime... Moderate Unreviewed

CVE-2018-5434 was published May 13, 2022

The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator -... Moderate Unreviewed

CVE-2018-5433 was published May 13, 2022

External Entity Attack vulnerability in the ePO extension in McAfee Common UI (CUI) 2.0.2 allows... Moderate Unreviewed

CVE-2018-6670 was published May 13, 2022

A vulnerability in the web-based user interface of Cisco Internet of Things Field Network... Moderate Unreviewed

CVE-2019-1698 was published May 13, 2022

The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option... Moderate Unreviewed

CVE-2015-3451 was published May 13, 2022

A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior... Moderate Unreviewed

CVE-2018-0207 was published May 13, 2022

A vulnerability in the web-based user interface of the Cisco Secure Access Control Server prior... Moderate Unreviewed

CVE-2018-0218 was published May 13, 2022

IBM Security Access Manager for Web is vulnerable to a denial of service, caused by an XML... Moderate Unreviewed

CVE-2016-3027 was published May 13, 2022

XML external entity (XXE) vulnerability in Geist WatchDog Console 3.2.2 allows remote... Moderate Unreviewed

CVE-2018-10077 was published May 13, 2022

XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows... Moderate Unreviewed

CVE-2017-11457 was published May 13, 2022

In Single Sign-On for Pivotal Cloud Foundry (PCF) 1.3.x versions prior to 1.3.4 and 1.4.x... Moderate Unreviewed

CVE-2017-8040 was published May 13, 2022

expat 2.1.0 and earlier does not properly handle entities expansion unless an application... Moderate Unreviewed

CVE-2013-0340 was published May 5, 2022

Previous 1 2 … 6 7 8 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

240 advisories